All My Deutschlandtickets Gone: Fraud at an Industrial Scale [video]
Posted5d agoActive3h ago
media.ccc.deSecuritystory
heatednegative
Debate
80/100
CybersecurityFraudTransportation Scam
Key topics
Cybersecurity
Fraud
Transportation Scam
Discussion Activity
Very active discussionFirst comment
16h
Peak period
38
96-108h
Avg / period
14.6
Comment distribution73 data points
Loading chart...
Based on 73 loaded comments
Key moments
- 01Story posted
Dec 28, 2025 at 10:54 AM EST
5d ago
Step 01 - 02First comment
Dec 29, 2025 at 2:59 AM EST
16h after posting
Step 02 - 03Peak activity
38 comments in 96-108h
Hottest window of the conversation
Step 03 - 04Latest activity
Jan 2, 2026 at 5:50 PM EST
3h ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 46411930Type: storyLast synced: 1/2/2026, 6:20:38 AM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Nothing. Some people just wake up in the morning and have to interject their "socialism = bad" religion into at least one thread in order to feel they've done their evangelism for the day.
People who think that living in socialism is in any way desirable simply don’t understand what socialism actually means.
We also get a bit of paid-for goading, just to keep it lively. But we do just fine without it.
Federation is a huge part of why Germany struggles to deliver on it's digitalization goals.
Having every podunk authority handling ticket issuance basically guarantees signing keys will eventually be stolen. The historical lack of a robust revocation mechanism is the nail in the coffin though.
Maybe they also use Marx# (M#) with a socialist software architecture.
The profits and benefits in infrastructure go towards a state and are long term. A private company cannot increase their stock price on a 100 year goal and a countries GDP growth.
Id like to know the US position on why socialism is failing their infrastructure, like power grinds.
"socialism" is vague and meaningless, yes. But poor regulations are a huge problem in the US. Copying an online comment I put in my notes (and not removing the markdown):
> The year is 2010. The Los Angeles Department of Water & Power (LADWP) publishes its initial [environmental study](https://www.ladwp.com/sites/default/files/documents/AppA_SGR...) on a large power infrastructure maintenance project. A portion of the project involves replacing about 200 wooden power poles that run through Pacific Palisades. The California State Lands Commission [reviewed](https://www.ladwp.com/sites/default/files/documents/SGRS_Fin...) the initial study and requested that LADWP provide a [Native American Ground Monitor](https://farwestern.com/monitoring/) during any digging to ensure that cultural resources are not inadvertently damaged or destroyed. By the [final EIR](https://www.ladwp.com/sites/default/files/documents/SGRS_Fin...) in 2016 LADWP decided that replacing the all of those +70 year old power poles was no longer necessary. > > The year is 2018. The Camp Fire ignites in northern California. It's cause was the failure of a 100 year old power line. By early 2019 LADWP [decides to replace](https://www.ladwpnews.com/ladwp-statement-on-power-pole-repl...) those 70 year old powerlines running through Pacific Palisades, they're in a now deemed high fire threat area. The California Public Utilities Commission has recommended they be replaced as soon as possible. Work is to start in 2019. > > July 7th, 2019. LADWP has started work to replace the power lines, as well as leveling and grading new fire roads. Amateur botanist and avid hiker David Pluenneke is hiking in the area. David is a member of the [California Native Plant Society](https://www.cnps.org/wp-content/uploads/2021/01/Compressed-D...). He sees that LADWP has trampled the endangered Braunton’s milkvetch. In all, [183 milkvetches](https://www.courthousenews.com/la-to-pay-1-9-million-for-uti...) were murdered.
As a result:
- All newly constructed fire roads must be unconstructed and returned to their original condition.
- Any work must be supervised by an on site project biologist, or biologists if the worksite is large. These observers will make daily surveys of sensitive wildlife species and they have the authority to stop any work that could result in their harm.
- LADWP agrees to excavate the new powerline poles by hand, with shovels. Workers will walk to the site. Helicopters will bring in the new poles and remove the old.
- No construction activities that generate noise above 60 dBA (loudness of an average conversation) may take place during bird nesting season, which runs from mid February to mid September. Of course this requires another observer biologist, a bird biologist, to verify.
> [Checking Google Street View, as of August 2023 these poles were not replaced.](https://earth.google.com/web/search/Temescal+Ridge+Fire+Road...) But overall there are [300,000+](https://ladwp-jtti.s3.us-west-2.amazonaws.com/wp-content/upl...) power poles in LA. As of 2019, 65% of them were older than the average lifespan of 50 years old. In 2024, LADWP replaced just [2743 poles.](https://prp.ladwp.com/) Their average cost to replace a pole in the same year was [_$69,300._](https://www.ladwp.com/sites/default/files/2025-09/Rates%20Me...) At their 2024 rates it will take LADWP over 70 years and $14 billion to replace all past lifespan poles.
What privatization are you talking about?
It's also been used for cushy post-politics jobs and lots of other incompetent meddling - such as requiring and extracting profits, etc.
You're right that it's not privatized, but the root causes of current misery still are the privatization attempts and a significant neoliberal/conservative political force that caused decay and blocked progress/improvements.
I understand the desire to have a scapegoat for failure, and to externalize it in some abstract capitalists/neoliberals/conservatives, but abandoning reality to create your own world has no predictive power and is not a long-term strategy.
The root cause is still privatization attempts and politicians that don't like well run public infrastructure and sabotage it through underfunding and bad requirements/structure. These are the same people that always claim that infrastructure will work perfectly well when just sold off to the private sector for maximum profit extraction. The working long term strategy is to get these out of position of power - however as is common, people like to vote against their own interests for ideological and emotional reasons.
No need to abandon reality, austerity and idiotic state underfunding of basic infrastructure (not just rail) have been the norm in Germany for decades. This isn't some crackpot conspiracy, but well accepted reality.
On the on hand you claim that a government-run railway company is better off than a privately run (Japan tends to disagree here).
On the other hand you admit that the problems of Deutsche Bahn stem from the fact that politicians have had too much influence on it.
Guess how you can keep politicians out of companies? By keeping them private.
I will never understand why so many people think that companies are magically doing better because the government is running them. That’s just a myth.
Both the government and private entities can be good or bad at running companies. However, the huge advantage with private companies is that customers have options thanks to competition.
Anyone who still has memories of telephone companies run by the government knows what I’m talking about.
As for Deutsche Bahn, the government has full control over it meaning the company is run by the government. Whether it’s officially a German Aktiengesellschaft or not, doesn’t matter at all.
Your argument is often brought up by proponents of a government-run railway so that they don’t have to admit that Deutsche Bahn isn’t doing well despite being run by the government.
And japan is also an exception, as most other system that do work well are not like Japan at all.
> I will never understand why so many people think that companies are magically doing better because the government is running them. That’s just a myth.
That's not really the claim. The reason government running them can work well is because you can run it like an integrated system for the public good. You can actually do system wide planning and implementation and transformation. You can do targeted investment across the whole live-cycle of the system and all its components. You can drive standardization.
Sure if a single company owned everything, they could do that to. But to have a single monopoly normal private company running so much of a countries infrastructure would be patently insane. And literally nobody has or will ever run things that way.
Britain trying to privatize Network Rail is about as close to as you are going to get. And that lasted for a few years at most.
> However, the huge advantage with private companies is that customers have options thanks to competition.
In a perfect world maybe, but when we are talking about rail systems, you do not magically get many rail lines between places just because you say 'private'.
It takes 100s of years of infrastructure and investment to build up a rail network.
And to unlock the true potential of that infrastructure having competing companies run trains on it, is just one marginal potentially beneficial thing you can do. And of the things you can do, its far, far, far away from what actually impacts the consumer the most.
This is completely clear to all experts that study this topic. Complete integrated time-tabling, planning and standardization is far more important then marginal competition on few main lines.
> As for Deutsche Bahn, the government has full control over it meaning the company is run by the government. Whether it’s officially a German Aktiengesellschaft or not, doesn’t matter at all.
You are narrowly talking about legal technicalities. But you are ignoring the larger cultural and historical aspect.
The fact is, the way the German government created the DB was to be private and to make money. That lead the DB culturally to act much differently then traditional national railway companies, like SBB.
And like an actual company they started to invest widely in all sorts of stuff while not focusing on their core business.
So legally it might not matter, but historically it for sure this. It actually makes a difference if your railway company is primary a national instrument to bring affordable public transportation to the people, or if its designed to be a profit making company.
> Your argument is often brought up by proponents of a government-run railway so that they don’t have to admit that Deutsche Bahn isn’t doing well despite being run by the government.
Everybody knows that government ownerships isn't a magic pill. And most people admit that DB isn't doing well and that its government owned. What people dislike is how DB is organized and set up and how politics and DB interacts.
https://news.ycombinator.com/newsguidelines.html
A bad hand does still win the pot sometimes, but that doesn't make it the right play!
At least, transparent issues like this one can only help.
- they only take credit card, probably because of the massive SEPA fraud they've had happen
- they require id verification with a third party(!), which then only supports the e-perso(!!) or video ident(!!!), which they could've just used the actual PostIdent service for, which would've provided an alternative for non-smartphone-havers / people who'd rather not have their ID and face recorded by some Eastern European company until the end of time
- their entire authentication system was down when it came to actually purchasing
buying from my local Verkehrsverbund was a single tap in their app instead, with no id verification whatsoever. If DB's offering were the only option it would be an absolute travesty.
(Or did your local Verkehrsverbund require you to use another payment for the initial purchase than bank transfer?)
Sometimes a law will be in effect for two or three years and virtually no one will even know about it. Recycling electronics in supermarkets? Nope. E-Rechnung mandated for all B2B invoices? In your dreams.
I work at the other end of the spectrum, reducing friction for new immigrants to Germany. I find it especially frustrating. I could explain how things should be, but it would be pointless when reality is far more disappointing.
After living here five years I've finally realized the same thing - Germany is the country of Rules, often well-intentioned, but no one actually follows them. It's especially damning when those rules actually are important and would protect regular people esp. around labor and housing, but oops zero meaningful enforcement. Wish we'd have 1/10th the rules but people had to actually follow them
Deutschlandticket fraud stemmed from decentralization and weak controls: tickets were issued instantly on unverified SEPA debits, and a leaked or mismanaged signing key let attackers mint valid tickets at scale. Poor revocation and fragmented verification meant many fraudulent tickets still scanned as valid, enabling mass resale and huge losses
Pretty simple. On my laptop the video fits 100% in the browser tab and there is no indication that there is more content under it. There is no text except the video title in the portion that I see when the page loads. And the link is marked [video] on HN.
So I simply closed it.
In the private sector, fraud detection is often heuristic based. So this was probably flagged because you didn't buy German railway tickets in the recent past and maybe even you didn't buy anything else in or near Germany.
I remember years ago getting a decline on a credit card transaction to pay for one of my ISPs, and then hours later a phone call. My bank apparently didn't understand (yet, this is years ago) that ISPs are like, not necessarily physically nearby and so since the ISP is on another continent and I had no other nearby transactions it was flagged as likely fraud.
Germany: 0.35 million square kilometer.
On the point of the upkeep, locals know German trains are now legendary for unpunctuality and cancellations, so maybe it's not working. But the answer is obviously (trigger warning for the libertarians...) taxes.
The ticket came about because energy prices went crazy after their energy dealer Putin went crazy and warry, I think it was an attempt to motivate people to take public transport rather than have them moan about fuel prices going way way up...
Although apparently NYC subways used to be better too.
https://www.deutschebahn.com/de/konzern/konzernprofil/zahlen...
Personally, I think they should just abandon timetables, run trains as fast as they can, and if you need to be somewhere by a certain time, you give the planner a target reliability and it uses a probabilistic model of the entire system to tell you when to leave so you can arrive on time (0 minutes delay, or earlier) with that given probability.
> Germany: 0.35 million square kilometer.
This does not matter much, since most people do not travel across states, countries, continents, etc on a daily basis. Most people probably travel within a 50 km (30 mile) radius (travelling to and from work, daycare, school, shopping, etc.).
iirc, the average is slightly higher in the US, but this is probably more due to how the US has approached urban planning over the last century or so than to the size of the country.
Everybody already has local regional tickets anyway. And most people can't be in more then one place at the time anyway. And most people stay in the same region most of the time anyway.
So really you are not losing much compared to having separate local region tickets in a system where the long distance trains are separated.
> who cleans and repairs the trains
The already existing organizations that have run the trains for a long time.
> who invests in infrastructure and all that
The government ...
> I always wonder how the germans can pull this off for 50 Euro. Magic.
Its not magic its just a transportation policy and taxes.
Everybody already has local regional tickets anyway. And most people can't be in more then one place at the time anyway. And most people stay in the same region most of the time anyway.
I live in Rostock. So if I want to go to Berlin or Hamburg (you know, where stuff like actual airports are) I am crossing "regional borders" even if it is a 200-250 km trip to each city
Also in Europe excellence is not rewarded. Nobody become a millionaire by designing and building great IT systems, there is no SV salary to attract and motivate talents, so we are drowning in mediocrity and when the governments are making systems, barely delivering something is the norm. The quality of requirements is very low (who will do better?), the deliverables are either from the lowest bidder or from the party in power friends, depending on the country and project.